<?php
class m_form_plugins_checker_Security extends m_form_extends_Checker
{
    public function check($values)
    {
        // see http://nedbatchelder.com/text/stopbots.html

        // First check if honeypot invisible text field is empty
        if($values['honeypot'] != '')
        {
            return false;
        }

        // Check if form is time valid
        if(time() - $values['timestamp'] > $values['timeLimit'])
        {
            return false;
        }

        // Check if form was posted by the same machine
        $key = crc32(m_backoffice_services_BackOfficeService::getKey());
        $spinner = md5($values['timestamp'].$_SERVER['REMOTE_ADDR'].$values['formId'].$key);

        if($spinner != $values['spinner'])
        {
            return false;
        }

        return true;
    }
}
